Lucene search
K
UbuntuMost viewed

10904 matches found

Ubuntu
Ubuntu
added 2020/11/19 8:12 p.m.86 views

USN-4637-2: Firefox vulnerabilities

USN-4637-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...

9.3CVSS7.5AI score0.0247EPSS
Exploits1
Ubuntu
Ubuntu
added 2020/11/04 11:53 a.m.86 views

USN-4617-1: SPICE vdagent vulnerabilities

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service. CVE-2020-25650 Matthias Gerstner discovered that SPICE vdagent incorrectly...

6.4CVSS5.9AI score0.0049EPSS
Exploits4
Ubuntu
Ubuntu
added 2020/07/27 2:15 p.m.86 views

USN-4436-1: librsvg vulnerabilities

It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2017-11464 It was discovered that librsvg incorrectly handled...

7.8CVSS6.5AI score0.02125EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/06/16 4:56 p.m.86 views

USN-4397-1: NSS vulnerabilities

It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. CVE-2019-17023 Cesar Pereida Garcia discovered that NSS...

6.5CVSS7.3AI score0.0134EPSS
Exploits0
Ubuntu
Ubuntu
added 2020/04/20 12:58 p.m.86 views

USN-4332-1: File Roller vulnerability

It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information...

3.9CVSS5.6AI score0.00768EPSS
Exploits0
Ubuntu
Ubuntu
added 2019/09/09 7:6 p.m.86 views

USN-4126-2: FreeType vulnerabilities

USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. CVE-2015-9381,...

8.8CVSS6.8AI score0.02281EPSS
Exploits3
Ubuntu
Ubuntu
added 2019/04/25 1:53 p.m.86 views

USN-3956-1: Bind vulnerability

It was discovered that Bind incorrectly handled limiting the number of simultaneous TCP clients. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service...

7.5CVSS7.4AI score0.06404EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/07/11 4:42 p.m.86 views

USN-3713-1: CUPS vulnerabilities

It was discovered that CUPS incorrectly handled certain print jobs with invalid usernames. A remote attacker could possibly use this issue to cause CUPS to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 17.10 and Ubuntu 18.04 LTS. CVE-2017-18248 Dan...

8.8CVSS6.7AI score0.02255EPSS
Exploits1
Ubuntu
Ubuntu
added 2018/07/05 10:13 p.m.86 views

USN-3690-2: AMD Microcode regression

USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS. We apologize for the inconvenience. Original advisory details: Jann Horn discovered th...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2018/04/17 4:25 p.m.86 views

USN-3611-2: OpenSSL vulnerabilities

USN-3611-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate i...

6.5CVSS6.7AI score0.19295EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/23 1:20 a.m.86 views

USN-3542-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3542-1 addressed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and bran...

5.6CVSS7.2AI score0.93838EPSS
Exploits12References1
Ubuntu
Ubuntu
added 2018/01/23 12:40 a.m.86 views

USN-3541-1: Linux kernel vulnerabilities

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provide...

5.6CVSS7.5AI score0.93838EPSS
Exploits13References1
Ubuntu
Ubuntu
added 2017/08/17 5:3 p.m.86 views

USN-3394-1: libmspack vulnerabilities

It was discovered that libmspack incorrectly handled certain malformed CHM files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-6419 It was discovered that libmspack incorrectly handled certain...

7.8CVSS7.2AI score0.02067EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/06/29 6:19 p.m.86 views

USN-3323-2: GNU C Library vulnerability

USN-3323-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker...

7.8CVSS7.1AI score0.02733EPSS
Exploits14
Ubuntu
Ubuntu
added 2017/06/29 9:25 a.m.86 views

USN-3345-1: Linux kernel vulnerabilities

USN 3324-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds che...

7.8CVSS6.8AI score0.01372EPSS
Exploits7References2
Ubuntu
Ubuntu
added 2017/06/29 8:45 a.m.86 views

USN-3338-2: Linux kernel regression

USN-3338-1 fixed vulnerabilities in the Linux kernel. However, the fix for CVE-2017-1000364 introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. Original advisory details: It was discovered that the stack guard page for processes ...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2017/06/05 4:35 p.m.86 views

USN-3309-1: Libtasn1 vulnerability

Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbirary code...

8.8CVSS6.9AI score0.05585EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/05/15 11:50 p.m.86 views

USN-3275-2: OpenJDK 7 vulnerabilities

USN-3275-1 fixed vulnerabilities in OpenJDK 8. This update provides the corresponding updates for OpenJDK 7. Original advisory details: It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java applicati...

7.7CVSS6.9AI score0.03311EPSS
Exploits2
Ubuntu
Ubuntu
added 2017/04/27 2:6 p.m.86 views

USN-3269-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.55 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 have been updated to MySQL 5.7.18. In addition to security fixes, the...

7.8CVSS6.5AI score0.89924EPSS
Exploits8
Ubuntu
Ubuntu
added 2017/02/16 2:22 a.m.86 views

USN-3198-1: OpenJDK 6 vulnerabilities

Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...

9.6CVSS7.5AI score0.95707EPSS
Exploits12
Ubuntu
Ubuntu
added 2016/12/20 9:43 p.m.86 views

USN-3162-1: Linux kernel vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 It was discovered that the KVM implementation for x86/x8664 ...

10CVSS6.7AI score0.09144EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/12/05 12:35 p.m.86 views

USN-3151-2: Linux kernel (Xenial HWE) vulnerability

USN-3151-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Philip Pettersson discovered a race condition in the afpacket implementation in the...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
added 2016/11/30 6:59 p.m.86 views

USN-3144-2: Linux kernel (OMAP4) vulnerability

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service system crash or possibly gain privileges...

7.8CVSS6.5AI score0.0043EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/10/11 5:11 a.m.86 views

USN-3098-1: Linux kernel vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

7.8CVSS6.7AI score0.07613EPSS
Exploits5
Ubuntu
Ubuntu
added 2016/08/30 4:47 p.m.86 views

USN-3070-4: Linux kernel (Xenial HWE) vulnerabilities

USN-3070-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. A missing permission check when settings ACLs was discovered in nfsd. A local user cou...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
added 2016/08/10 9:49 a.m.86 views

USN-3050-1: Linux kernel (OMAP4) vulnerabilities

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPTSOSETREPLACE events. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges...

8.4CVSS7.4AI score0.01234EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/06/27 8:41 p.m.86 views

USN-3017-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...

7.8CVSS7.1AI score0.05676EPSS
Exploits15
Ubuntu
Ubuntu
added 2016/02/02 1:53 a.m.86 views

USN-2889-1: Linux kernel vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

10CVSS6.4AI score0.09235EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/02/02 1:41 a.m.86 views

USN-2888-1: Linux kernel (Utopic HWE) vulnerabilities

It was discovered that a use-after-free vulnerability existed in the AFUNIX implementation in the Linux kernel. A local attacker could use crafted epollctl calls to cause a denial of service system crash or expose sensitive information. CVE-2013-7446 It was discovered that the KVM implementation ...

7CVSS6.3AI score0.0123EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/12/19 11:32 a.m.86 views

USN-2846-1: Linux kernel vulnerabilities

Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service crash the host or potentially execute arbitrary code on the host. CVE-2015-8550...

8.2CVSS7.2AI score0.0108EPSS
Exploits2
Ubuntu
Ubuntu
added 2015/12/17 7:25 a.m.86 views

USN-2841-1: Linux kernel vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...

10CVSS6.4AI score0.02501EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/10/01 9:11 p.m.86 views

USN-2760-1: Linux kernel (OMAP4) vulnerabilities

It was discovered that an integer overflow error existed in the SCSI generic sg driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service system crash or potentially escalate their privileges. CVE-2015-5707 Marc-André...

4.9CVSS6.7AI score0.00493EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/09/03 8:52 p.m.87 views

USN-2732-1: Linux kernel (OMAP4) vulnerability

Benjamin Randazzo discovered an information leak in the md multiple device driver when the bitmapinfo.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel...

2.1CVSS7.2AI score0.00464EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/07/23 11:56 p.m.86 views

USN-2684-1: Linux kernel vulnerabilities

A flaw was discovered in the kvm kernel virtual machine subsystem's kvmapichasevents function. A unprivileged local user could exploit this flaw to cause a denial of service system crash. CVE-2015-4692 Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filter JIT optimization. A...

7.8CVSS6.8AI score0.06267EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/03/24 9:28 a.m.86 views

USN-2546-1: Linux kernel vulnerabilities

A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. CVE-2013-7421 A flaw was...

10CVSS6.6AI score0.09828EPSS
Exploits1
Ubuntu
Ubuntu
added 2014/12/12 7:49 a.m.86 views

USN-2448-1: Linux kernel vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.8AI score0.08579EPSS
Exploits17
Ubuntu
Ubuntu
added 2014/12/12 7:40 a.m.86 views

USN-2445-1: Linux kernel (Trusty HWE) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.7AI score0.08579EPSS
Exploits15
Ubuntu
Ubuntu
added 2014/09/27 9:5 a.m.86 views

USN-2364-1: Bash vulnerabilities

Florian Weimer and Todd Sabin discovered that the Bash parser incorrectly handled memory. An attacker could possibly use this issue to bypass certain environment restrictions and execute arbitrary code. CVE-2014-7186, CVE-2014-7187 In addition, this update introduces a hardening measure which add...

10CVSS7.7AI score0.64336EPSS
Exploits14
Ubuntu
Ubuntu
added 2014/07/05 5:38 p.m.86 views

USN-2266-1: Linux kernel vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

6.9CVSS6.7AI score0.02324EPSS
Exploits6
Ubuntu
Ubuntu
added 2013/05/16 2:8 a.m.86 views

USN-1827-1: Linux kernel vulnerability

An flaw was discovered in the Linux kernel's perfevents interface. A local user could exploit this flaw to escalate privileges on the system...

8.4CVSS7.6AI score0.47709EPSS
Exploits15
Ubuntu
Ubuntu
added 2013/03/22 11:36 p.m.86 views

USN-1778-1: Linux kernel (OMAP4) vulnerabilities

Andrew Jones discovered a flaw with the xeniret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service crash the system or gain guest OS privilege. CVE-2013-0228 A flaw was reported in...

6.5CVSS6.8AI score0.01557EPSS
Exploits4
Ubuntu
Ubuntu
added 2013/03/12 9:3 p.m.86 views

USN-1760-1: Linux kernel (Oneiric backport) vulnerabilities

A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. CVE-2013-0216 A memory leak was discovered in the Linux kernel's Xen netback networ...

6.5CVSS6.8AI score0.01557EPSS
Exploits5
Ubuntu
Ubuntu
added 2012/10/09 7:57 a.m.86 views

USN-1598-1: Linux kernel vulnerability

An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...

7.2CVSS5.3AI score0.00583EPSS
Exploits2
Ubuntu
Ubuntu
added 2012/06/29 6:59 p.m.86 views

USN-1490-1: Linux kernel (Natty backport) vulnerabilities

Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...

7.2CVSS6.8AI score0.00979EPSS
Exploits4
Ubuntu
Ubuntu
added 2012/03/16 9:8 p.m.86 views

USN-1400-2: ubufox update

USN-1400-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, throug...

8.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2011/12/13 12:41 p.m.86 views

USN-1300-1: Linux kernel (FSL-IMX51) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 A flaw was found in the Journaling Block Device JBD. A local attacker able to mount ext3 or ext4 file...

7.2CVSS7.8AI score0.00556EPSS
Exploits4
Ubuntu
Ubuntu
added 2011/11/16 8:31 p.m.86 views

USN-1263-1: IcedTea-Web, OpenJDK 6 vulnerabilities

Deepak Bhole discovered a flaw in the Same Origin Policy SOP implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. CVE-2011-3377 Juliano Rizzo and Thai Duong discovered that the block-wise AES...

10CVSS8.4AI score0.96714EPSS
Exploits19
Ubuntu
Ubuntu
added 2011/10/25 1:6 p.m.86 views

USN-1244-1: Linux kernel (OMAP4) vulnerabilities

Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. CVE-2010-3873 Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being...

7.2CVSS6.9AI score0.03739EPSS
Exploits3
Ubuntu
Ubuntu
added 2011/09/29 9:54 p.m.86 views

USN-1222-1: Firefox vulnerabilities

Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary...

10CVSS8.6AI score0.05312EPSS
Exploits4
Ubuntu
Ubuntu
added 2011/06/28 10:41 a.m.86 views

USN-1160-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

9.8CVSS7.1AI score0.04177EPSS
Exploits25
Total number of security vulnerabilities5000